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Amendments to the Claims; 

Please cancel claims 1-14, 29-34, and 40-43 without prejudice. This listing of claims will 
replace all prior versions, and listings of claims in the application: 

Listing of Claims: 

1. (Canceled) 

2. (Canceled) 

3. (Canceled) 

4. (Original) 



5. (Canceled) 

6. (Canceled) 

7. (Canceled) 

8. (Canceled) 

9. (Canceled) 

10. (Canceled) 

11. (Canceled) 

12. (Canceled) 
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13. (Canceled) 

14. (Canceled) 

15. (Currently Amended) A method for identifying members of a group, 
comprising the steps of: 

determining dynamic members of a first group based on a rule that defines 
dynamic membership for said first group, wherein said rule is stored in a dynamic rule attribute 
of an identity profile of said first group ; 

storing an identification of each of said dynamic members of said first group; 

receiving a request to report members of said first group, said request is received 
subsequent to said step of storing; and 

reporting said dynamic members of said first group in response to said request, 
said reporting of said dynamic members is performed based on said stored identification of said 
dynamic members. 

16. (Currently Amended) A method according to claim 15, wherein: 
said first group includes one or more static members; 

an identification of each of said static members is stored in a static member 
attribute for &r said identity profile of said first group; and 

said identification of each of said dynamic members is stored in said static 
member attribute for said identity profile of said first group. 

17. (Currently Amended) A method according to claim 15, wherein: 
said first group includes one or more static members; 

an identification of each of said static members is stored in a static member 
attribute for as said identity profile of said first group; 

said identity profile of said first group also includes an expansion attribute; and 
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said method can only "be performed if said expansion attribute includes an 
appropriate value. 

18. (Currently Amended) A method according to claim 17, wherein: 
said id e ntity profil e of said first group also includ e s a dynamic rule attribute 

which stores a rul e that d e fin e s dynamic m e mb e rship for said first group; and 

said method can only be performed for an entity having access to said expansion 
attribute and said dynamic rule attribute. 

19. (Original) A method according to claim 15, wherein: 
said steps of determining and storing are automatically repeated. 

20. (Original) A method according to claim 15, wherein: 

said steps of determining, storing and receiving are performed by an integrated 
identity and access system. 

21 . (Original) A method according to claim 20, wherein: 

said integrated identity and access system is capable of performing authorization 
services based on membership in said first group. 

22. (Original) A method according to claim 15, further comprising the steps 

of: 

determining nested members of said first group; and 

storing an identification of each of said nested members of said first group, said 
step of reporting includes reporting said nested members based on said stored identification of 
said nested members. 



23. (Original) A method according to claim 22, wherein: 

said nested members include members of multiple levels of nested groups. 
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24. (Original) A method according to claim 22, wherein: 

said step of determining nested members includes recursively determining 
members of group members. 

25. (Original) A method according to claim 22, wherein: 
said first group includes one or more static members; and 
said step of reporting includes reporting said static members. 

26. (Currently Amended) A method according to claim 4-^ 22, wherein said 
step of determining nested members includes the steps of: 

determining all static group members of said first group; 

determining all static and dynamic members of said static group members of said 

first group; 

determining all static group members of said static group members of said first 

group; and 

determining all members of said static group members of said static group 
members of said first group. 

27. (Currently Amended) A method according to claim 4-^ 22 wherein: 

said first group and nested groups of said first group include rules defining criteria 
for being dynamic members; and 

said step of determining dynamic members includes the steps of determining a 
normalized set of said rules and determining which users are defined by said normalized set of 
said rules, said users defined by said normahzed set of said rules are said dynamic members of 
said first group. 
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28. (Original) A method according to claim 15, wherein: 
said first group includes one or more static members; and 
said step of reporting includes reporting said static members. 

29. (Canceled) 

30. (Canceled) 

31. (Canceled) 

32. (Canceled) 

33. (Canceled) 

34. (Canceled) 

35. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising the steps of: 

determining dynamic members of a first group based on a rule that defines 
dynamic membership for said first group, wherein said rule is stored in a dynamic rule attribute 
of an identity profile of said first group ; 

storing an identification of each of said dynamic members of said first group; and 
receiving a request to report members of said first group, said request is received 
subsequent to said step of storing; and 
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reporting said dynamic members of said first group in response to said request, 



said reporting of said dynamic members is performed based on said stored identification of said 
dynamic members. 

36. (Original) One or more processor readable storage devices according to 
claim 35, wherein: 



37. (Original) One or more processor readable storage devices according to 

claim 36, wherein: 

said steps of determining and storing are automatically repeated. 

38. (Original) One or more processor readable storage devices according to 
claim 36, wherein: 

said steps of determining, storing and receiving are performed by an integrated 
identity and access system. 

39. (Original) One or more processor readable storage devices according to 
claim 36, wherein said method further comprises the steps of: 

determining nested members of said first group, said nested members include 
members of multiple levels of nested groups; and 

storing an identification of each of said nested members of said first group, said 
step of reporting includes reporting said nested members based on said stored identification of 
said nested members. 



said 



said 



first group includes one or more static members; and 
step of reporting includes reporting said static members. 



40. (Canceled) 
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41. (Canceled) 

42. (Canceled) 

43. (Canceled) 

44. (Currently Amended) An apparatus that can determine members of a 
group, comprising: 

a communication interface; and 

one or more processor processors in communication with said communication 
interface, said one or more proc e ssor processors perform a method comprising the steps of: 

determining dynamic members of a first group based on a rule that defines 
dynamic membership for said first group, wherein said rule is stored in a dyn amic rule attribute 
of an identity profile of said first group and said first group includes one or more static members, 

storing an identification of each of said dynamic members of said first 

group, aftd 

receiving a request to report members of said first group, said request is 
received subsequent to said step of storing, and 

reporting said static members and said dynamic members of said first 
group in response to said request, said reporting of said dynamic members is performed based on 
said stored identification of said dynamic members. 

45. (Original) An apparatus according to claim 44, wherein: 
said steps of determining and storing are automatically repeated. 

46. (Original) An apparatus according to claim 44, wherein: 

said steps of determining, storing and receiving are performed by an integrated 
identity and access system. 
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47. (Original) An apparatus according to claim 44, wherein said method 
further comprises the steps of: 

determining nested members of said first group, said nested members include 
members of multiple levels of nested groups; and 

storing an identification of each of said nested members of said first group, said 
step of reporting includes reporting said nested members based on said stored identification of 
said nested members. 
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